Hi,
I opened an issue on GitHub to discuss this problem in more detail.
https://github.com/openssl/openssl/issues/9078
It would be nice if you could join the discussion there.
Matthias
@Jay: in particular I'm interested to learn, which linux version and distribution
you were using. On newer systems, `getentropy()` should be the method of
choice, because it does not share the deficiencies of the `/dev/urandom` device.
On 30.05.19 02:11, Dr. Matthias St. Pierre wrote:
To workaround the /dev/random blocking issue, you can just add:
-DDEVRANDOM="\"/dev/urandom\""
as a parameter to ./Configure
This will remove the special handling of /dev/urandom and /dev/random
in 1.1.1c.
Tomáš, Jay,
I'm afraid this suggestion won't help, because `DEVRANDOM_WAIT` is defined
unconditionally in e_os.h:
https://github.com/openssl/openssl/blob/OpenSSL_1_1_1c/e_os.h#L30-L34
This means that the select() call will happen on linux independently of what
`DEVRANDOM` is defined to be:
https://github.com/openssl/openssl/blob/OpenSSL_1_1_1c/crypto/rand/rand_unix.c#L509-L535
I think that pull request #8251 needs to be reconsidered. Give me one day or two,
I'll create a GitHub issue for that and post the link here when it's ready.
Matthias
